Bugtraq mailing list archives
Re: Mac OS X setuid root security hole
From: Chris Adams <chris () improbable org>
Date: Wed, 17 Oct 2001 14:00:33 -0700
On Wednesday, October 17, 2001, at 09:53 , rotaiv wrote:
I can't recall if I have seen this on BugTraq so forgive me if this is an old issue.Try these steps on an OS X machine (not logged in as root) - Open up the terminal application - Quit the terminal application - Open up NetInfo Manager (leave it in the foreground)- Open up the Terminal application form the "Recent Items" list in the Apple Menu.You should now be logged in as root!
This also affects items in the Services menu (want a root text editor?), which suggests
the entire menu handler runs as the effective userid. Chris
Current thread:
- ISS Security Advisory: Citrix MetaFrame Remote Denial of Service Vulnerability X-Force (Oct 16)
- Mac OS X setuid root security hole rotaiv (Oct 17)
- Re: Mac OS X setuid root security hole Florian Kohl (Oct 17)
- Re: Mac OS X setuid root security hole Chris Adams (Oct 17)
- Re: Mac OS X setuid root security hole Ken Schweigert (Oct 17)
- Re: Mac OS X setuid root security hole Kee Hinckley (Oct 17)
- Re: Mac OS X setuid root security hole Chris Adams (Oct 20)
- Re: Mac OS X setuid root security hole Ryan Tucker (Oct 20)
- Mac OS X setuid root security hole rotaiv (Oct 17)